[VIM] StaticStore vendor ACK of XSS issue (CVE-2005-4284)

Steven M. Christey coley at linus.mitre.org
Thu Dec 22 20:14:17 EST 2005


I haven't followed up on the variation yet (bad me...) so presumably they
still have it :(

On Thu, 22 Dec 2005, security curmudgeon wrote:

>
> : After a bit of confusion, the vendor has now acknowledged the
> : search.cgi XSS issue:
> :
> :    The vulnerability has been corrected...  thank you for bringing
> :    that to our attention and the patched "search.cgi" has been emailed
> :    to all customers and posted for download on our private forums.
>
> Does this include the variation (possible seperate script) that Matthew
> reported here? Or did they not distinguish?
>


More information about the VIM mailing list